This entry was posted in General Security, Miscellaneous, Research, Wordfence, WordPress Security 0 Replies
On Friday we published an analysis of the FBI and DHS Grizzly Steppe report. The report was widely seen as proof that Russian intelligence operatives hacked the US 2016 election. We showed that the PHP malware in the report is old, freely available from a Ukrainian hacker group and is an administrative tool for hackers.
We also performed an analysis on the IP addresses included in the report and showed that they originate from 61 countries and 389 different organizations with no clear attribution to Russia.
Our report has received wide coverage. Since then I have been interviewed on international network news and by online publications to share our findings. I’d like to provide some clarity both on the FBI/DHS report itself and our findings in the form of an FAQ.
Our business is WordPress security and our customers use WordPress and the Wordfence firewall and malware scanner. Some of this report will be talking directly to our customers, and some of it will be helpful for those interested in security in general and global events.